Для тех, кто интересуется безопасным доступом к онлайн-играм, наш партнер предлагает зеркало Вавады, которое позволяет обходить любые блокировки и сохранять доступ ко всем функциям казино.

Key Steps to a Robust Risk Management Program

rm-monitoring
Our business environment is constantly changing—technologies improve, regulations are modified, competition increases, and demand evolves. Effective risk management grants an ability to adapt to these changes.

Recent headline events, including the Volkswagen emissions deception, the Wells Fargo scandal, and the penalty paid by Dwolla to the Consumer Financial Protection Bureau (CFPB), illuminate powerful motivators for strong risk management programs. Key to a robust program is preventing stressful, and possibly catastrophic, surprises.

When Plains All American Pipeline failed to detect corrosion in its pipeline, for example, the result was a 3,000-barrel oil spill and millions of dollars in fines. The corrosion had run under the radar because the company did not delegate sufficient inspection resources and did not maintain proper procedures and systems for preventing problems from escalating into emergencies. Risk management best practices, however, could have standardized these procedures throughout the organization and prevented the disaster from occurring.

Complying with regulators like the SEC and CFPB
Dwolla, a small, private e-commerce and online payment company, was found by the CFPB to be guilty of risk management negligence for inadequate data security practices. The catch is that Dwolla did not suffer a data breach and none of its customers were compromised.
buy avanafil online https://galenapharm.com/pharmacy/avanafil.html no prescription

The CFPB fined Dwolla $100,000 as part of its increased focus on companies’ existing prevention strategies. Regulators are no longer simply pursuing organizations that have suffered risk management incidents; organizations need to take proactive approaches rather than simply hope to get by.

Improving productivity and encouraging innovation
An independent, peer-reviewed report, “The Valuation Implications of Enterprise Risk Management Maturity,” published in The Journal of Risk and Insurance, proved that organizations with mature ERM programs (as defined by the RIMS Risk Maturity Model) can achieve a 25% firm valuation premium over those without. Risk management does not have to be a burdensome addition to daily responsibilities—and if it is executed properly, it won’t. It simplifies daily operations by increasing transparency and allowing more resources to be devoted to value-add activities, like product development and customer services.

Checklist for evaluating your risk management efforts

A better question than “does my organization perform risk management?” is “how effectively does my organization identify and mitigate risks?” The following checklist outlines characteristics common to effective risk management programs. Your organization should prioritize development in these areas.

  1. Effective risk management governance

Boards, through their risk oversight role, are accountable for a risk’s material impact, whether the cause is at the executive level or on the front lines. The SEC considers “not knowing about a material risk” negligence, which carries the same penalties as fraud.

  • The board must monitor the effectiveness of the organization’s risk management process, ensuring it reaches all levels and business areas.

  • Internal auditors must independently confirm the board is informed on all material risks.
  • All material risks must be disclosed to shareholders, along with evidence that they are effectively mitigated.
  1. Performance management and goal management
  • Divide corporate objectives into business-unit contributions.
  • Identify business processes contributing to a goal within each business unit.
  • Cascade goals to all front-line managers within contributing processes.

  • Aggregate goal assessments and determine links between contributing business processes.
  1. Consistent risk identification and prioritization

Risk assessments must address more than high-level concerns. Effective assessments drill into risk events, uncovering the root cause, or problem “driving” the risk. Repeatable risk assessments are based on common numerical scales and scoring criteria across departments.

  1. Actionable risk tolerances

Risk appetite is a high-level statement that serves as a guide for strategic decisions. In order to be actionable, it should be accompanied by its quantitative cousin, risk tolerance. Risk tolerance is an effective monitoring technique for key performance goals and risk metrics.

  1. Centralized risk monitoring and control activities

Risk managers need to do more than design processes to identify risks and appropriate responses. A critical third component—monitoring—is the verification of a control’s effectiveness over the risk. A few key things to keep in mind to make monitoring effective:

  • Adjust risk assessments over time (spend less time on risks with decreasing indexes).
  • Reduce testing by identifying areas that can share controls (increase organizational efficiency).
  • Link risks and activities to determine which processes need to be monitored (prioritize activities/initiatives).
  • Monitor business metrics (discover concerning trends before they affect the organization).
  1. Forward-looking risk and goal reporting and communication

In order to continue funding their organizations’ risk management programs, boards need evidence that those programs are working. Risk managers should ask two basic questions before reporting to the board:

  • How might identified risks affect the board’s strategic objectives and key concerns?
  • Which metrics or trends most validate the program’s effectiveness?

These items are just a starting point for an analysis of your organization’s program. For a more in-depth blueprint and “state of ERM” report, take the RIMS Risk Maturity Model (RMM), a free best-practice assessment tool that scores risk management programs and generates an immediate report of your organization’s risk maturity.

2016’s Worst U.S. ‘Judicial Hellholes’

This year’s Judicial Hellholes report, published by the American Tort Reform Association, identifies nine “hellholes” in light of changes in the U.S. state court system, the types of cases being seen and the courts’ balance between defendants and plaintiffs.

The top nine judicial hellholes are:
j-hellholesAnd if that isn’t enough, the report also includes a “Watch List,” calling attention to eight additional jurisdictions “that bear watching due to their histories of abusive litigation or troubling developments.” Those are:
jh-watchlistBut the news isn’t all bad. The report examines “Points of Light,” which are examples of “fair and balanced judicial decisions that adhere to the rule of law and respect the policy-making authority of the legislative and executive branches.” Highlights include positive court rulings from 11 states.

These courts made it easier to dismiss groundless claims, tougher to bring junk science into court, gave juries a more accurate understanding of how injuries occurred in auto accident cases, and reduced the potential for inflated damage awards. Courts also confirmed that a state attorney general can dismiss meritless cases brought on behalf of the state, but can’t hand the state’s law enforcement power to private contingency fee lawyers.

The report also points out that there are a staggering number of new laws on the books for companies to keep track of. In fact, since 2010, there was an average of 827 new laws annually in California alone.

From 2010 through 2015, lawmakers in Sacramento managed to tack onto the books an annual average of more than 800 new laws. In 2016, they added another 893, at least some of which (see SB 859, SB 1063, SB 1130, SB 1150 and SB 1241) were designed primarily to foment still more litigation and related costs that for many years have helped drive businesses, along with their jobs and tax revenues, into the arms of less litigious states across the country and around the globe.
new-laws

Wells Fargo: What Should Have Happened

wells-fargo

When Wells Fargo fired 5,300 employees in September for inappropriate sales practices, then-CEO John Stumpf approached the scandal with an outdated playbook. In response to the $185 million in fines levied by regulators, he first denied any knowledge of the illegitimate accounts. Attempting to mitigate press fallout by distancing the company from a group of “bad eggs” acting independently is not the answer, however. Even if Stumpf had maintained this assertion of innocence, changes in the risk environment over the past few years demand a proactive approach.

Rather than simply deflecting responsibility in these situations, executives must be able to accomplish two things:

• Provide historical evidence of due diligence and risk management (if such a program was actually used)
• Demonstrate how the company is adjusting its policies and/or implementing new policies to ensure a similar incident doesn’t happen in the future

In 2010, the SEC’s Proxy Disclosure Enhancement (rule 33-9089) explicitly made boards of directors responsible for assessing and disclosing risk management effectiveness to shareholders. It mandates the use of risk monitoring systems to demonstrate that existing controls (mitigation activities) are effective. Under this rule, “not knowing” about an activity performed by employees is considered negligence.

buy phenergan online blockdrugstores.com/wp-content/uploads/2023/10/jpg/phenergan.html no prescription pharmacy

This is a crucial development; negligence carries the same penalty as fraud, but it does not require proof of intent. The Yates Memo (2015) gave the SEC ruling more “teeth” by requiring organizations to provide the Department of Justice with all the facts related to responsible individuals.

As a result, many companies have suffered significant penalties and frequently criminal charges, even though their executives were allegedly unaware of illicit activities. Consider the emissions scandal at Volkswagen and fines paid (to the SEC) by global health science company Nordion Inc. In both instances, deceptions were perpetrated by individuals below the executive level, but senior management’s inability to detect/prevent the incidents came back to bite them.

How to Prevent Risk Management Failures at Your Organization

John Stumpf’s approach should have started with an admission of Wells Fargo’s failure in risk management processes across the enterprise, followed by evidence that a more effective, formal enterprise risk management process is being implemented. For example, risk assessments must cascade from senior management down to the front lines and across all business silos. This ensures that the personnel most familiar with operational risks (and how to mitigate them) can keep the board informed.

In other words, instead of simply apologizing and attempting to provide restitution, Stumpf should have demonstrated that Wells Fargo is taking proactive risk management measures to protect its many stakeholders.

buy hydroxychloroquine online blockdrugstores.com/wp-content/uploads/2023/10/jpg/hydroxychloroquine.html no prescription pharmacy

It is the company’s duty to ensure that something like this never happens again.

The scandal is predictably following the same track as have previous failures in risk management: it starts with regulatory penalties, then leads to punitive damages, class action lawsuits, and finally, criminal charges and individual liability, depending on the particular case.

buy bactroban online blockdrugstores.com/wp-content/uploads/2023/10/jpg/bactroban.html no prescription pharmacy

The key to this pattern is the absence of adequate risk management, which means negligence under the new enterprise risk management laws, regulations and mandates passed since 2010.

The good news is that avoiding serious, long-term consequences is possible if proper actions are taken. For example, by providing a historical record of risk management practices, Morgan Stanley avoided regulatory penalties when an employee evaded existing internal controls. Other corporations that can provide evidence of an effective risk management program (risk assessments, internal controls that address risks, monitoring activities over these internal controls, and an electronic due-diligence trail) are largely exempt from punitive damages, class-action lawsuits, and possible jail time.

When implemented proactively, effective risk management systems have and will continue to prevent scandals, regulatory fines, litigation and imprisonment. For a more in-depth analysis of the Wells Fargo scandal, read the LogicManager blog post “The Walls Fargo Scandal is a Failure in Risk Management.”

Asian Piracy and Crime Incidents Drop 65%

The number of piracy and armed robbery incidents in Asia from January to September 2016 decreased by 65% compared to the same period in 2015. A total of 59 incidents were reported during the period, including three piracy and 56 armed robbery incidents, according to the Regional Cooperation Agreement on Combating Piracy and Armed Robbery against Ships in Asia (ReCAAP).

ReCAAP emphasized that the decrease in the overall number of incidents was most evident in the Straits of Malacca and Singapore. Other improvements were reported at ports and anchorages in Bangladesh and Vietnam. In these regions, there were only two incidents from January to September 2016, compared to 96 incidents in the same period last year.

buy zestril online https://ozgurmd.com/wp-content/uploads/2023/10/jpg/zestril.html no prescription pharmacy

About 73% of the incidents occurred on board ships while at ports and anchorages, and 27% on ships while underway.

buy prednisone online https://ozgurmd.com/wp-content/uploads/2023/10/jpg/prednisone.html no prescription pharmacy

recapp-1

There was also a decrease in hijacking of ships for oil cargo theft during the nine-month period—only two such incidents occurred, compared to 12 incidents in 2015.
recapp-2

Although the total number of incidents has decreased, there is no room for complacency, ReCAAP emphasized. Measures must be implemented to prevent recurrence of incidents involving the abduction of crew in the Sulu Sea and hijacking ships to steal oil cargo. Crews need to be vigilant while underway and maintain watch at ports and anchorages. In addition, authorities should implement port security measures and maintain regular surveillance.

recapp-3